ICO reveal cookie sweep findings
Published 17 February 2015
The investigation has revealed that UK websites place more cookies than any other surveyed country. However they also give the most information on what cookies are placed and how they are used.
It was further noted that cookies tend to outlive their requirements and whilst the average cookie is set to terminate within one to two years, some cookies were not set to expire until 7,984 years had passed!
ICO commented that “There’s also clearly an issue with the lifespan of some of these cookies. Developers must consider the implications of using certain settings in their code. Setting a long expiry on a cookie means that it will not only outlive the usefulness of the device, but also the person using it at the time. While the length of time a cookie needs to remain on a device will depend on the reason why it was originally set, it is difficult to justify an expiry date in the year 9999 for even the most innocent of purposes".
To view the ICOs press release, please click here.
To view WP29 full report, please click here.
What action could be taken to manage risks that may arise from this development?
In particular, companies should review the periods of time for which cookies are set to ensure they are proportionate to the purpose.